SC-900: Microsoft Security, Compliance, and Identity Fundamentals - Interview Questions

The SC-900 certification is your first step into the world of Microsoft cloud security. Whether you're looking to boost your resume, prepare for more advanced certifications, or land an entry-level job in security, these questions will help you build a solid foundation.

SC-900 Interview Questions with Answers

Security, Compliance, and Identity Concepts

1. What is Zero Trust?
   A security model that assumes breach and verifies explicitly, using least-privilege access and continuous validation.

2. Define defense in depth.
   A layered security approach that protects data through multiple defensive mechanisms.

3. What are the three main pillars of the Microsoft SCI framework?
   Security, Compliance, and Identity.

4. What is shared responsibility in the cloud?
   Microsoft secures the cloud infrastructure; customers secure their data, identities, and configurations.

5. Difference between authentication and authorization?
   Authentication verifies identity; authorization controls access rights.

6. What is multi-factor authentication (MFA)?
   An extra layer of security requiring two or more verification methods (e.g., password + OTP).

7. Why is identity considered the new security perimeter?
   In cloud environments, user identities are central to managing access securely.

8. What is conditional access?
   Policy-based evaluation system that grants or blocks access based on conditions like location or risk level.

9. What is a security incident?
   An event indicating that an organization’s systems or data may have been compromised.

10. What is risk-based identity protection?
    Evaluates sign-ins and users for risk, applying automated remediation (like MFA or blocking access).

Microsoft Entra ID (Identity Services)

1. What is Microsoft Entra ID?
   A cloud-based identity and access management (IAM) service for managing users, devices, and access to resources.

2. What is Single Sign-On (SSO)?
   Allows users to authenticate once and access multiple applications without signing in again.

3. What are Entra ID roles?
   Predefined sets of permissions (e.g., Global Admin, User Admin) used for role-based access control (RBAC).

4. What is the difference between Entra ID and Active Directory?
   AD is for on-prem; Entra ID is the cloud-based version designed for SaaS and cloud services.

5. What is hybrid identity?
   Combining on-premises AD with Entra ID to provide seamless access to both environments.

6. What is Azure AD Connect?
   A tool to sync on-prem AD objects to Entra ID for hybrid identity.

7. What are identity protection policies?
   Policies that detect risky users/sign-ins and apply actions like MFA or blocking.

8. What is a tenant in Microsoft 365?
   A dedicated, cloud-hosted instance used by an organization to manage Microsoft cloud services.

9. What is privileged identity management (PIM)?
   Provides just-in-time privileged access to manage time-bound, approval-based admin access.

10. How does self-service password reset (SSPR) work?
    Allows users to reset their passwords without admin help using configured verification methods.

Microsoft Security Solutions

1. What is Microsoft Defender for Endpoint?
   An endpoint detection and response (EDR) solution to prevent, detect, and respond to threats on devices.

2. What is Microsoft Defender for Office 365?
   Protects email and collaboration tools from phishing, malware, and other threats.

3. What is Microsoft Sentinel?
   A cloud-native SIEM and SOAR tool for security analytics and threat response.

4. What is Microsoft Defender for Identity?
   Monitors on-prem Active Directory environments for identity-related threats.

5. What is Microsoft Secure Score?
   A numerical summary of your security posture, with recommendations for improvement.

6. What is Microsoft Defender for Cloud?
   Provides cloud security posture management (CSPM) and threat protection across Azure, AWS, and GCP.

7. How does Microsoft use machine learning for security?
   To detect anomalies, threats, and automate responses based on behavioral data.

8. What are security baselines?
   Predefined security settings recommended by Microsoft for securing services.

9. What is Attack Simulation Training in Microsoft 365?
   A feature to train users against phishing attacks using simulated emails.

10. How does Microsoft help with threat intelligence?
    Via Microsoft Threat Intelligence Center (MSTIC), integrated into Defender and Sentinel.

Microsoft Compliance Solutions

1. What is Microsoft Purview?
   A unified data governance and compliance solution covering data classification, loss prevention, records management, and eDiscovery.

2. What is Information Protection in Microsoft 365?
   Classifies and protects sensitive data using sensitivity labels, encryption, and access restrictions.

3. What is a sensitivity label?
   A tag that applies security settings like encryption and visual markings to content.

4. What is Data Loss Prevention (DLP)?
   Helps prevent the sharing of sensitive information externally by applying policies.

5. What is Microsoft Information Governance?
   Controls how long data is retained or deleted with retention policies and labels.

6. What is Compliance Score?
   A metric showing how compliant your Microsoft 365 environment is with regulatory and internal requirements.

7. What is eDiscovery in Microsoft Purview?
   Allows legal teams to identify, hold, and export content for legal investigations.

8. What is Insider Risk Management?
   Detects potentially risky behavior like data theft, harassment, or data exfiltration.

9. What is Communication Compliance?
   Monitors communication channels (Teams, email) for policy violations.

10. What is Microsoft Priva?
    A solution focused on data privacy management, including Subject Rights Requests (DSRs).

General and Administrative

1. What is Microsoft Security & Compliance Center?
   The central portal for managing security and compliance in Microsoft 365 (now part of Microsoft Purview).

2. What is Microsoft Graph?
   An API framework for accessing Microsoft 365 data and security telemetry.

3. What is Conditional Access Policy?
   A policy that enforces access controls based on user, device, location, or risk.

4. What is role-based access control (RBAC)?
   A model that grants access permissions based on the role a user is assigned.

5. How does Microsoft 365 handle external collaboration?
   Via guest access, entitlement management, and access reviews.

6. What is a compliance boundary?
   Limits where data can reside or be accessed—useful for regulatory compliance.

7. What is Microsoft Defender XDR?
   An extended detection and response platform unifying threat signals across endpoints, identities, email, and cloud.

8. What are Microsoft 365 Groups?
   A service that enables collaboration across Outlook, SharePoint, Teams, etc., and controls membership and permissions.

9. What is Just-in-Time (JIT) access?
   Provides time-limited admin privileges to reduce standing permissions.

10. How do security and compliance integrate in Microsoft 365?
    Through a shared platform (Microsoft Purview & Microsoft Defender) that spans identity, endpoint, cloud, and data security.

The SC-900 exam is the perfect launchpad for those starting their journey into Microsoft’s cloud security and compliance ecosystem. These questions give a strong foundational grasp for interviews or further learning.